I recently set up my app using this guide: https://supabase.com/docs/reference/auth-helpers/next-js I'm redirecting the user to a

/login

page if they end up on a protected route using

withMiddlewareAuth

For some reason, and I've only noticed this today and am trying to figure out what I did, even after the user logs in, you still get redirected to

/login

, unless you do a refresh of the page. Is this expected behavior? What could be causing it? thanks!

Is it possible to create a policy that grants the update right on a row to the owner of a row exept for one column? Should I split the table in two tables and create a 1to1 relationship?

I imported about 2000 rows from a Google Sheets table, with came with an

id

column that was already populated with incrementing integers. When I now try to add an additional row to this table (which I've set as a Primary Key and as an Identity column), I keep getting the "duplicate key value violates unique constraint" error. I've looked around on GitHub and here on Discord for how to solve this, which seems to revolve around resetting the sequence to start at the next

id

integer after the max one already in the table, but I cannot for the life of me figure out what SQL query I should be running to do this (or even how to find the name of the "sequence"). Please help?

Are there plans to add modifiers like range(0, 10) to realtime stream or a modifier that helps with pagination? Or is there a work around I can implement at the moment?

See my issue on GitHub: https://github.com/supabase/supabase/issues/9378

Trying to delete users from auth.users via dashboard (UI & SQL Editor) results in success messages but, after refreshing they just return. Tried clicky clicky via UI and using the following queries from the SQL Editor

sql
DELETE FROM auth.users CASCADE WHERE id = '0247b05d-dd45-4b3b-a9ce-ac8f00fabe9a';

sql
DELETE FROM auth.users CASCADE;

Talking about hosted supabase on the free plan, we wan't to adopt supabase for our startup.

Hello, When I login, and get redirect I get a call to api/auth/user to get the user back but the problem is this first call after login come back with status 304, and I don't get the data When I leave the page and comeback I do get another call with status 200 and the data. I really don't understand why I have this 302 blocking user data for coming back. Do you have any idea of the cause of this problem ?

I'm currently trying to extend the supabase-gotrue-kt library to handle provider login. With Email login I can login server side and then create a cookie which I can check in an Interceptor Server Side. When logging in with google I don't get a set cookie response header from the supabase server, I just get the url with the jwt stored as server fragment like described here: https://supabase.com/docs/gotrue/server/about#get-callback In the dart client the library replaces the fragment with a parameter: https://github.com/supabase-community/gotrue-dart/blob/bc11143021da59aedd4fc106366afef358d01433/lib/src/gotrue_client.dart#L202 I would like to have access to this fragment server side so I can set a Cookie for the jwt. https://github.com/supabase-community/gotrue-kt Can supabase make this configurable so I get parameter and not fragments returned?

I am writing a tool to migrate data form google sheet to Supabase. I have created my Supabase tables. I want to validate all my data before I start inserting them and I need to have schema in my code to validate. But I want to do it automatically instead of recreating schema in json and remember to update it if supabase tables were changed. Is there a way to access schema in json format? Or Is there a way to access the type of specific column in an specific table? Or is there a way that Supabase API could validate a record without inserting it? Thanks

If I want to do something like

auth.some_property

(ie

current_user.some_property

), what would be the right syntax for a RLS?

I have a NextJS + Supabase app where I'm using magic link for Auth. I also have a Discourse (https://www.discourse.org) instance setup on one of the app subdomains. I want to log in to the Discourse forum using the Supabase Auth already setup. Discourse allows for this by including a payload containing the redirect_url in the url for the login route (see screenshot and doc link below). How can I include this in the magic link that Supabase sends to the user's email? (I'm using Amazon SES for the custom SMTP) Supabase login code in my app:

ts
const { error } = await supabaseClient.auth.signIn(
        { email: email },
        {
          redirectTo: `http${
            process.env.NODE_ENV == "production" ? "s" : ""
          }://app.${process.env.NEXT_PUBLIC_APP_DOMAIN}/dashboard`,
        }
      );

Reference doc for setting up SSO in Discourse: https://meta.discourse.org/t/setup-discourseconnect-official-single-sign-on-for-discourse-sso/13045

Hello, I just so the article about primary keys https://supabase.com/blog/choosing-a-postgres-primary-key But it I can't find the extension

pg_idkit

and anything that will allow me to use

xid

. Am I missing something? Will this extension me added?

I've read that there is a

returning

parameter but it has no description on how it is used/invoked.

I just can't seem to get it to work. If I can get Studio up and working, it complains about attempting a non-secure connection. I tried splitting the sub-domain to route the traffic going to Kong differently, but now I get: Access to fetch at 'https://example.com:8443/rest/v1/' from origin 'https://example.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. 'example.com' is being used to obfuscate the domain that I'm using. I would sure appreciate any help. I am beyond frustrated.

Is it possible in Supabase to change the http.timeout_msec for the pgsql_http package? I checked the extensions schema and extensions.http_set_curlopt has a comment of

-- missing source code

. I need to increase the timeout of HTTP calls from 5 seconds to 10 seconds if possible.

Since this morning I'm having errors saving jsonb columns. Even if I put

{ }

it still show the error. Do you know what it could be?

Hi there 👋 I am working on password recovery in React and it's well documented how that is supposed to work but for some reason it is not working for me. The example shows that using the `onAuthStateChange `event is the way to handle incomming recovery requests. I tried putting a

console.log

in there so I could see if the event even happens, but it just does not show up.

typescript
useEffect(() => {
  supabase.auth.onAuthStateChange(async (event, session) => {
    console.log('AUTH STATE CHANGE', event, session);

    if (event === 'PASSWORD_RECOVERY') {
      alert('It works');
    }
  });
}, []);

Any ideas on what might be wrong? https://supabase.com/docs/reference/javascript/auth-api-resetpasswordforemail#reset-password-react

They don't appear in the "Postgres logs" in the dashboard. Am I missing something?

Okay so describing the issue: This is code which takes array of some hashed phone numbers and takes our id etc from DB whose data matches with the IN clause. Now I tested this thing manually with an array of 2-3 hashed numbers i got data, But it failed when we use the API with application sending 150+ hashed numbers. After a lot of brainfuck the same thing works when i just send the array to RPC function using ANY() clause. Is this a bug which causes supabasejs to fail when working with a large data or js drawback it cannot join such lengthy array?

I'm trying to diff two databases - I know there's one additional table in the public schema of the source db, but it doesn't exist in the target db. and yet, when i do the diff (using pgAdmin4, or the supabase CLI version), it doesn't show up in the diff sql. Any solutions to this please?

Hey there, i am stuck with a problem for a few days. I want to upload .txt files (50+ rows) in supabase. Everythings worked fine until i tried to get the files from my front end. I am using this code : begin EXECUTE format(E' COPY (tablename) FROM PROGRAM curl %L DELIMITER %L encoding %L' ,input_url, '\t', 'windows-1251'); end; When i just use write the url it work without the EXECUTE FORMAT (it's plpgsql) Any clues ?

This is more of a guidance/debate post I guess, rather than an outright issue, but I feel like I'm in a slightly unique position and I can't find the solution. I'm using the platform/cloud btw, not on-prem/self-hosting... I've got an edge function that calls an external API on behalf of multiple clients, and I have a static/long-term access token for each client. The edge function takes parameters which include the clients specific API end point and their access token. I can call this from CURL etc and it works a treat. I actually want to call this edge function from pgcron a few times a day and I've got plans for a scheduled jobs table and another database function that picks the right jobs to run and executes the edge function for each client etc, and I'm quite happy with that direction. However, it means I need to store the clients' access tokens against clients in my Supabase database and I feel I should be encrypting these access tokens in the table and decrypting them to send to the edge function. The crux of my problem is that (as far as I can tell) I've got no kind of vault/secure env I can put my password/key for the encrypt()/decrypt() functions? Resorting to this password/key being hardcoded anywhere that is ultimately inside Supabase feels pointless 😅 So short of waiting for Supabase Vault to come to the platform, is there anything I can actually do here? Or am I overreacting if I've got RLS on every table? Is it fine to just not encrypt these access tokens in the database? TIA

If I host superbase on my own server, do I still need to subscribe to plans or does selfhosting automaticly remove any limitytions?

Hi! I would want to know if it would be possible to make requests without being authenticated, but passing RSLs, I mean. For example, send a request with an api key that checks if this api key is inside a db. could i do this in any way? thanks

Do i need a foreign key on 2 tables that i want to do a join if im using the REST API or what is the syntax if im using python or cURL to create this request joining 2 tables i.e Users and posts?

I have been attracted to Supabase auth and its very easy to implement in code how ever I wasn't able to set things up in database. The source code i tried to setup on my local is https://github.com/rebelchris/next-supabase Issue was posted at https://github.com/rebelchris/next-supabase/issues/1 I already solved the

relation "public.profiles" does not exist

the reason i encounter this is I still don't have the table for

profiles

however when i tried to add the

id

,

username

,

updated_at

which this are the items i need i encounter a new error which is

invalid input syntax for type bigint: "uuidhereofauser"

Would really appreciate if someone teach me what are the requirements or setup of table for this, my only knowledge was mariadb and mongodb but I want to try this new realtime database with super easy auth implementation.

Is it possible if I have a loads table that consists of Carriers and Customers with ID’s in the Accounts table to have foreign keys for both of these fields in the loads table pointing to the one Accounts ID field? Example: Loads table: Carrier : UUID Customer: UUID Accounts Table: ID : UUID account_type: carrier or customer Doing this I have gotten a foreign key error before and am not sure how to fix.

See the image. I have no clue how to solve this issue. I am not that experienced with using webpack and configuring additional loaders etc.

js
error - ./node_modules/@supabase/auth-helpers-react/src/components/UserProvider.tsx
Module parse failed: Unexpected token (22:21)
You may need an appropriate loader to handle this file type, currently no loaders are configured to process this file. See https://webpack.js.org/concepts#loaders
|
| let networkRetries = 0;
> let refreshTokenTimer: ReturnType<typeof setTimeout>;
|
| const UserContext = createContext<UserState | undefined>(undefined);

As I'm migrating an mvp from custom SQLite to Supabase I realized that Auth isn't consolidating email addresses, for example

mail@gmail.com

&

mail+label@gmail.com

, I did that before in my manual setup so that people can easily switch between OAuth providers, their email address and don't have to remember if they used a + address or not and also that using a + address and then an OAuth provider would just work. Now I'm curious what people actually expect. I know that it got me a couple of times creating unwanted accounts instead of logging into an existing. Also how could I do that currently? So far I added a

email_raw

column to my

profile

table and auto populate it from

generateLink

data

so I'll then be able to query profiles to see if there's already an associated profile with an email. What else am I missing? Also asking because maybe people want to be able to create multiple accounts using just +addresses, though I think we don't actually want to allow that anyway.

I'm currently trying to migrate from firebase to supabase. Is there a way to replicate .authStateChanges() (https://firebase.flutter.dev/docs/auth/usage/) and receive a Stream of the current User.